Oracle Linux Security Advisory ELSA-2025-23306 http://linux.oracle.com/errata/ELSA-2025-23306.html
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: binutils-2.41-58.0.1.el10_1.2.x86_64.rpm binutils-devel-2.41-58.0.1.el10_1.2.x86_64.rpm binutils-gold-2.41-58.0.1.el10_1.2.x86_64.rpm aarch64: binutils-2.41-58.0.1.el10_1.2.aarch64.rpm binutils-devel-2.41-58.0.1.el10_1.2.aarch64.rpm binutils-gold-2.41-58.0.1.el10_1.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/binutils-2.41-58.0.1.el10_1.2.src.rpm Related CVEs: CVE-2025-11082 CVE-2025-11083 Description of changes: [2.41-58.0.1.2] - Forward-port Oracle patches to 2.41-58.2 - CVE-2025-11082 - CVE-2025-11083 Reviewed-by: David Faust <[email protected]> Oracle history: September-29-2025 David Faust <[email protected]> - 2.41-58.0.1 - Forward-port Oracle patches to 2.41-58. Reviewed-by: Jose E. Marchesi <[email protected]> August-29-2025 Bruce McCulloch <[email protected]> - 2.41-57.0.1 - Forward-port Oracle patches to 2.41-57. Reviewed-by: Jose E. Marchesi <[email protected]> Jun-04-2025 Bruce McCulloch <[email protected]> - 2.41-53.0.3 - Add binutils-orabug-38018827.patch. - Fix ctf_dict_open clobbering errno. - Backport of upstream commit: - 14303d6295e libctf: archive, open: when opening, always set errp to something. - [Orabug: 38018827] - Add binutils-orabug-38018828.patch. - In kernel links, properly hide CTF types only if conflicting. - Backport of upstream commits: - 75e514cfa56 Revert "libctf: fix linking of non-root-visible types" - 002957be18e libctf: dedup: improve hiding of conflicting types in the same dict - [Orabug: 38018828] Reviewed-by: Jose E. Marchesi <[email protected]> Reviewed-by: Nick Alcock <[email protected]> Reviewed-by: Elena Zannoni <[email protected]> May-28-2025 Vladimir Mezentsev <[email protected]> - 2.41-53.0.2 - Backported updates for gprofng. Reviewed-by: Bruce McCulloch <[email protected]> April-02-2025 Bruce McCulloch <[email protected]> - 2.41-53.0.1 - Merge Oracle patches to 2.41-53. Reviewed-by: Jose E. Marchesi <[email protected]> November-28-2024 Nick Alcock <[email protected]> - 2.41-45.0.1 - Latest CTF changes from upstream - add ctf_dict_set_flag, ctf_lookup_enumerator, ctf_lookup_enumerator_next, ctf_arc_lookup_enumerator_next; consider enums with differing enumerators to be conflicting - add documentation to ctf-api.h - allow modification of ctf_opened dicts and opening of foreign- endian older dicts - looking up types by name prefers non-bitfields if possible - bugfixes to parent propagation, rewriting of existing dicts, ctf_archive_count, CU-mapped links, and dumping and linking of non-root-visible types. - fix a bunch of small leaks and one big one (on ctf_open error) - fix a write into freed memory after ctf_rollback and writeout - internal improvements to serialization, name lookup, symbol lookup, string handling, and more - explicitly disable zstd support (enabling requires addition of zstd to the .so scripts) [2.41-58.2] - Fix a potential illegal memory access when linking a corrupt input file. (RHEL-126875) [2.41-58.1] - Fix a potential illegal memory access when linking a corrupt input file. (RHEL-125206) _______________________________________________ El-errata mailing list [email protected] https://oss.oracle.com/mailman/listinfo/el-errata
